Overview

overview

10

Static

static

5

JaffaCakes...92.exe

windows7-x64

10

JaffaCakes...92.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_de8e595dede81eb3fce352ff5d262f92

  • Size

    160KB

  • Sample

    250110-jdzh1szjgk

  • MD5

    de8e595dede81eb3fce352ff5d262f92

  • SHA1

    1b4bbb639743bf5c6a4a10d1bbbdb306024be29a

  • SHA256

    d9a8844d02d7298e88ee3c0dd1749b40eaa45f62d4e641d5c7bbdd79488bb813

  • SHA512

    27e12a7f69de1bdade91a19876928c0ce189fd221ca66abe32742fc303fdce5e43581da59199dc9ace068f95efd1cd3e3aeabdf8cdb7f1ce79e8162232e1c3fa

  • SSDEEP

    1536:wEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:jY+4MiIkLZJNAQ9J6v

Score
10/10
tinbabankerdiscoverypersistencetrojanupx

Malware Config

Targets

    • Target

      JaffaCakes118_de8e595dede81eb3fce352ff5d262f92

    • Size

      160KB

    • MD5

      de8e595dede81eb3fce352ff5d262f92

    • SHA1

      1b4bbb639743bf5c6a4a10d1bbbdb306024be29a

    • SHA256

      d9a8844d02d7298e88ee3c0dd1749b40eaa45f62d4e641d5c7bbdd79488bb813

    • SHA512

      27e12a7f69de1bdade91a19876928c0ce189fd221ca66abe32742fc303fdce5e43581da59199dc9ace068f95efd1cd3e3aeabdf8cdb7f1ce79e8162232e1c3fa

    • SSDEEP

      1536:wEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:jY+4MiIkLZJNAQ9J6v

    Score
    10/10
    tinbabankerdiscoverypersistencetrojanupx

    • Tinba / TinyBanker

      Banking trojan which uses packet sniffing to steal data.

      trojanbankertinba

    • Tinba family

      tinba

    • Adds Run key to start application

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks